HtmlFormUrlEncode Method (String)

Microsoft AntiXSS Library

Collapse imageExpand ImageCopy imageCopyHover image
Encodes input strings for use in application/x-www-form-urlencoded form submissions.

Namespace: Microsoft.Security.Application
Assembly: AntiXssLibrary40 (in AntiXssLibrary40.dll) Version: 4.2.0.0

Syntax

C#
public static string HtmlFormUrlEncode(
	string input
)
Visual Basic
Public Shared Function HtmlFormUrlEncode ( _
	input As String _
) As String
Visual C++
public:
static String^ HtmlFormUrlEncode(
	String^ input
)

Parameters

input
Type: System..::..String
String to be encoded.

Return Value

Encoded string for use in URLs.

Remarks

This function encodes all but known safe characters. Characters are encoded using %SINGLE_BYTE_HEX and %DOUBLE_BYTE_HEX notation. Safe characters include:
a-zLower case alphabet
A-ZUpper case alphabet
0-9Numbers
.Period
-Dash
_Underscore
~Tilde
Example inputs and encoded outputs:
alert('XSS Attack!');alert%28%27XSS+Attack%21%27%29%3b
[email protected]user%40contoso.com
Anti-Cross Site Scripting LibraryAnti-Cross+Site+Scripting+Library

See Also